successful authentication does not give full privilege with 3.0 mongos and 3.2 mongod

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • 3.2.0-rc4
    • Affects Version/s: 3.2.0-rc2
    • Component/s: Security, Sharding
    • None
    • Fully Compatible
    • ALL
    • Hide

      run jstests/sharding/authmr.js with everything in 3.2 expect for mongos, which is in 3.0

      Show
      run jstests/sharding/authmr.js with everything in 3.2 expect for mongos, which is in 3.0
    • Sharding C (11/20/15), Sharding D (12/11/15)
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      It appears that even if a user authenticates successfully as an admin user, it does not have the full privilege.

      This appears be the culprit since ActionSet::parseActionSetFromStringVector breaks out immediately when it sees an unrecognized action:

      2015-11-16T15:57:49.199-0500 W ACCESS   [conn1] Could not parse privilege element in user document for admin@admin: Unrecognized action privilege string: bypassDocumentValidation
2015-11-16T15:57:49.218-0500 I ACCESS   [conn1] Successfully authenticated as principal admin on admin

        1. userdoc.json
          4 kB

              Assignee:
              Spencer Brody (Inactive)
              Reporter:
              Randolph Tan
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                Resolved: